Description

Type

Course
Methodology

Inhouse

Start date

Different dates available

This 5 day expansive course covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble- shooting skills which will be necessary for real-world administration of these network services.

Facilities

Inhouse

Start date

Different dates availableEnrolment now open

About this course

Who is it intended for?

Experienced Linux system administrators needing to set up or manage secure, enterprise- level network servers.

Requirements

Students should already be comfortable with basic Linux or UNIX administration, and have a good understanding of network concepts, the TCP/IP protocol suite is also assumed.

What marks this course apart?

The course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

Questions & Answers

Add your question

Our advisors and other users will be able to reply to you

Who would you like to address this question to?

All
Students
Centre

Fill in your details to get a reply

We will only publish your name and question

Reviews

This centre's achievements

2018

How do you get the CUM LAUDE seal?

All courses are up to date

The average rating is higher than 3.7

More than 50 reviews in the last 12 months

This centre has featured on Emagister for 6 years

Subjects

Access
Options
Linux
Server
Apache
PHP
Tomcat
Database
Database training
Network
Protocol
DNS
Syntax
Network Training

Course programme

#text-block-8 { margin-bottom:0px; text-align:left; }

#text-block-11 { margin-bottom:0px; text-align:left; }

1. Securing Services

Xinetd

Xinetd Connection Limiting and Access

Control

Xinetd: Resource limits, redirection,

logging

TCP Wrappers

The /etc/hosts.allow & /etc/hosts.deny

Files

/etc/hosts.{allow,deny} Shortcuts Advanced TCP Wrappers Basic Firewall Activation

Netfilter: Stateful Packet Filter Firewall Netfilter Concepts

Using the iptables Command Netfilter Rule Syntax Targets

Common match_specs Connection Tracking AppArmor

SELinux Security Framework Choosing an SELinux Policy SELinux Commands SELinux Booleans

Graphical SELinux Policy Tools

2. DNS Concepts

Naming Services

DNS – A Better Way

The Domain Name Space Delegation and Zones Server Roles

Resolving Names

Resolving IP Addresses

Basic BIND Administration Configuring the Resolver Testing Resolution

3. Configuring Bind BIND Configuration Files named.conf Syntax

named.conf Options Block Creating a Site-Wide Cache rndc Key Configuration Zones In named.conf

Zone Database File Syntax SOA – Start of Authority

A & PTR – Address & Pointer

Records

NS – Name Server

CNAME & MX – Alias & Mail

Host

Abbreviations and Gotchas $ORIGIN and $GENERATE

4. Creating DNS Hierarchies

Subdomains and Delegation Subdomains

Delegating Zones

in-addr.arpa. Delegation Issues with in-addr.arpa. RFC2317 & in-addr.arpa.

5. Advanced Bind DNS Features

Address Match Lists & ACLs Split Namespace with Views Restricting Queries

Restricting Zone Transfers

Running BIND in a chroot jail Dynamic DNS Concepts

Allowing Dynamic DNS Updates DDNS Administration with nsupdate Common Problems Common Problems

Securing DNS with TSIG

6. LDAP Concepts and Clients

LDAP: History and Uses LDAP: Data Model Basics LDAP: Protocol Basics LDAP: Applications LDAP: Search Filters

LDIF: LDAP Data Interchange Format OpenLDAP Client Tools Alternative LDAP Tools

7. OpenLDAP Servers

Popular LDAP Server Implementations OpenLDAP: Server Architecture OpenLDAP: Backends OpenLDAP: Replication

OpenLDAP: Configuration Options OpenLDAP: Configuration Sections OpenLDAP: Global Parameters OpenLDAP: Database Parameters OpenLDAP Server Tools

Enabling LDAP-based Login

System Security Services Daemon

(SSSD)

8. Using Apache

HTTP Operation

Adding Modules to Apache Apache Configuration Files httpd.conf – Server Settings

httpd.conf – Main Configuration HTTP Virtual Servers Virtual Hosting DNS

Implications

httpd.conf – VirtualHost

Configuration

Port and IP based Virtual Hosts Name-based Virtual Host Apache Logging Log Analysis The Webalizer

9. Apache Security Virtual Hosting Security

Implications

Delegating Administration Directory Protection

Directory Protection with

AllowOverride

Common Uses for .htaccess Symmetric Encryption

Algorithms

Asymmetric Encryption

Algorithms Digital Certificates

SSL Using mod_ssl.so

#text-block-12 { margin-bottom:0px; text-align:left; }

10. Apache Server-Side Scripting

Administration

Dynamic HTTP Content

PHP: Hypertext Preprocessor Developer Tools for PHP Installing PHP

Configuring PHP Securing PHP

Security Related php.ini

Configuration

Java Servlets and JSP Apache’s Tomcat

Installing Java SDK

Installing Tomcat Manually Using Tomcat with Apache

Apache Architecture

Dynamic Shared Objects

11. Implementing an FTP server

The FTP Protocol Active Mode FTP Passive Mode FTP ProFTPD

Pure-FTPd vsftpd

Configuring vsftpd

Anonymous FTP with vsftpd

1 2. The Squid Proxy Server

Squid Overview Squid File Layout

Squid Access Control Lists Applying Squid ACLs

Tuning Squid & Configuring Cache

Hierarchies

Bandwidth Metering Monitoring Squid

Proxy Client Configuration

13. Samba Concepts and Configuration

Introducing Samba Samba Daemons

NetBIOS and NetBEUI

Accessing Windows/Samba Shares from

Linux

Samba Utilities

Samba Configuration Files The smb.conf File

Mapping Permissions and ACLs Mapping Linux Concepts Mapping Case Sensitivity Mapping Users

Sharing Home Directories Sharing Printers

Share Authentication Share-Level Access User-Level Access

Samba Account Database User Share Restrictions

14. SMTP Theory

SMTP

SMTP Terminology SMTP Architecture SMTP Commands SMTP Extensions

SMTP AUTH

SMTP STARTTLS SMTP Session

15. POSTFIX

Postfix Features

Postfix Architecture Postfix Components Postfix Configuration master.cf main.cf

Postfix Map Types

Postfix Pattern Matching Advanced Postfix Options Virtual Domains

Postfix Mail Filtering

Configuration Commands Management Commands Postfix Logging Logfile Analysis chrooting Postfix

Postfix, Relaying and SMTP

AUTH

SMTP AUTH Server and Relay

Control

SMTP AUTH Clients Postfix / TLS

TLS Server Configuration

Postfix Client Configuration for

TLS

Other TLS Clients

Ensuring TLS Security

16. Mail Services and Retrieval

Filtering Email Procmail

SpamAssassin Bogofilter

amavisd-new Mail Filtering Accessing Email

The IMAP4 Protocol

Dovecot POP3/IMAP Server Cyrus IMAP/POP3 Server

Cyrus IMAP MTA Integration Cyrus Mailbox Administration Fetchmail

SquirrelMail

Mailing Lists

GNU Mailman

Mailman Configuration

Appendix A – Sendmail

Sendmail Architecture Sendmail Components Sendmail Configuration

Sendmail Remote Configuration Controlling Access

Sendmail Mail Filter (milter)

Configuring Sendmail SMTP AUTH Configuring SMTP STARTTLS

Appendix B – NIS

NIS Overview

NIS Limitations and Advantages NIS Client Configuration NIS Server Configuration NIS Troubleshooting Aids

Aliases

See related categories

Contact us

Enterprise Linux Network Services

Questions & Answers

Reviews

This centre's achievements

Subjects

Course programme

Add similar courses
and compare them to help you choose.

Enterprise Linux Network Services

Questions & Answers

Reviews

This centre's achievements

Subjects

Course programme

Add similar coursesand compare them to help you choose.

Add similar courses
and compare them to help you choose.